We fully recognize the significance of your personal data and privacy rights. To the greatest extent possible, we are committed to safeguarding any personal data you supply when using our software offerings. This Privacy Policy (hereinafter referred to as "this Policy") describes the ways we gather, utilize, retain, disclose, and secure your personal information, along with the rights you hold in managing your data. Before you begin using our services, kindly review and thoroughly comprehend this Policy. By proceeding to use our services, you confirm that you have fully reviewed and agreed to every provision of this Policy. If you disagree with any part of this Policy, please stop using this software and its associated services immediately.
Should you have any inquiries, feedback, or recommendations in connection with this Policy, please reach out to us using the details provided in the "How to Reach Us" section at the end of this document. After verifying your identity, we will respond as promptly as possible. This Policy will assist you in understanding the following topics:
1. Methods of Collecting and Using Personal Data 2. Employment of Cookies and Comparable Technologies 3. Disclosure, Transfer, and Sharing of Personal Data 4. Retention and Safeguarding of Personal Data 5. Your Rights to Manage Personal Data 6. Incorporation of External Party Services 7. Protection for Young Individuals 8. Policy Revisions and Announcements 9. How to Get in Touch with Us 1. Methods of Collecting and Using Personal DataThe primary reason for gathering and utilizing your personal data is to enhance the smoothness and satisfaction of your interaction with BoomAI, all while ensuring lawful compliance and secure functioning. We obtain your information through these approaches:
1.1 Origins of Information Gathering1.1.1 Details you willingly provide: this comprises information you supply when setting up an account or employing particular functionalities (for instance, phone number, display name, profile image), as well as content you share or store via this software with outside parties.
1.1.2 Information provided by external parties: when you sign in using an external account (for example, WeChat, QQ), after obtaining your permission we may receive certain public data from that external platform (such as profile picture and display name).
1.1.3 Data automatically captured: while you are using our services (including in the background or silent states), we automatically record log data, device details, and network environment information to guarantee proper service operation.
1.1.4 Significant notice: Unless otherwise indicated, personal data is kept on our servers for a maximum duration of two years.
1.2 Special Notification Regarding Facial Data HandlingTo deliver features such as singing with a photo, after receiving your approval, we examine facial reference points (eyes, nose, mouth, etc.) within the images you send. If you decline approval, we will not perform such examination. Please be aware:
1.2.1 We do NOT gather or store your unprocessed facial data. All examination is finished in real time following your image submission. Once the examination is finished, the original image and the extracted facial data are instantly and permanently removed without any backup copy.
1.2.2 Processing procedure: You submit an image → secure server-side examination and template matching → final visual effect delivered back to you → immediate removal of the submitted image and analysis data. The generated creation is kept only temporarily until you save or share it, after which it is also destroyed.
1.3 Specific Features and Information UsageAs our product evolves, we may add new features or modify existing services. If a new feature requires collecting personal data not addressed by this Policy, we will seek your explicit consent once more.
1.3.1 Account Registration and Login: You can sign up with your phone number, which is required for real-name verification as mandated by regulations. You may also opt for one-click login (carrier-based) or external account authorization; in such instances we will collect your phone number or external account public information to generate an account.
1.3.2 Essential Operation and Security: To detect abnormal conditions, guarantee device compatibility, and maintain network security, we gather log information (e.g., IP address, access time, actions) and device details (including hardware model, OS version, device identifiers (Android ID/IMEI/OAID/IDFA, etc.), MAC address, WLAN access point, Bluetooth data, sensor data, and SD card data). Such information alone cannot identify a specific individual; if combined with other data to identify a person, the combined set will be regarded as personal information.
1.3.3 Core Feature Usage: When you use functionalities such as "Anime Avatar" or "Gender Swap", we will request storage, photo album, and camera permissions. Saving produced images or videos necessitates read/write storage permission. Declining these permissions will only affect the related feature and not other services.
1.3.4 Payment and Order Services: When you buy virtual goods or subscription memberships, we produce an order and complete the transaction through external payment processors, sharing necessary order and payment details.
1.3.5 Customer Assistance: If you contact our WeChat customer service or send feedback by email, we might ask you to supply account information to verify your identity, and we will keep communication records and content to assist in resolving your concerns.
1.3.6 Security Assurance: To guard against cyberattacks, fraud, and other risks, we comprehensively analyze your account information, device details, and log data for risk evaluation and identity confirmation.
1.3.7 Personalized Promotions: To present you with more relevant promotions while keeping our services free, we may build a user profile based on your preferences and usage patterns, and display personalized ads through our advertising system. This profile is difficult to associate with your actual identity and is used solely for ad enhancement.
Device Permission Management Guidance: You may enable or disable storage, camera, photo album, and other permissions at any time via your device system settings. Turning off a permission cancels your consent, and we will no longer collect information relying on that permission. This does not impact processing that occurred before the cancellation.
Exceptions (Consent Not Required): Under applicable laws, we may collect and use your information without advance consent in circumstances such as national security, public safety, criminal investigations, urgent protection of life or property, information you have made publicly available, news reporting, academic research, and other legally specified situations.
Personal Data Retention Period: Unless otherwise mandated by law, we keep your personal data only for as long as necessary for the purposes described in this Policy, up to a maximum of two years. After service termination, we will delete or anonymize your information.
2. Employment of Cookies and Comparable TechnologiesTo elevate your browsing experience, we and our external partners may employ cookies, web beacons, or similar technologies to automatically gather and store information (e.g., login status, preferences). A cookie is a small data file sent from a web server to your browser and saved locally. We utilize cookies to: recall your identity so you do not need to log in repeatedly; analyze how you use the service to improve our offerings; and support ad performance measurement. You can manage or disable cookies through your browser settings, but this may impact certain functionalities. External advertisers may also place cookies, and their handling of information is governed by their own privacy policies.
3. Disclosure, Transfer, and Sharing of Personal Data 3.1 Sharing Principles(1) Authorized Consent: No sharing of personal data without explicit consent, unless the information has been fully de-identified (validated by an external party as non-re-identifiable) and is limited to compliance scenarios such as technology development.
(2) Legal Minimum Necessity: Sharing must comply with regulations, restricted to the minimal data and shortest period needed to achieve the purpose, and dynamically assess and stop unnecessary sharing.
(3) Security and Diligence: Before sharing with an external party, its legality and security qualifications must be reviewed, legal agreements signed, and encryption monitoring deployed to guarantee transmission security.
3.2 Sharing for Function Realization3.2.1 When using premium features, anonymized metadata (e.g., preference tags) may be shared to improve recommendations. Users may request to disable this via customer service channels, and we will handle and provide feedback within 15 working days.
3.2.2 Please be aware: When using the core feature of singing with a photo, you must grant access to your photo album and choose a photo or video from the album as the material for effect production before proceeding. While using these features, we will send the images or videos you choose to our external AI partner (Tencent Cloud) for effect processing. You may decline authorization and thereby stop using the feature.
The following outlines the types and descriptions of service providers. External link services and their privacy policies are the responsibility of the corresponding providers; you need to assess the risks yourself and decide whether to use them.
Platform 1: Tencent Cloud
Reason for use: AI service provider, offering effect processing capabilities for images and videos
Privacy Policy: https://privacy.qq.com/policy/tencent-privacypolicy
3.3 Sharing for Security and Statistics(1) Account Security: Share encrypted device/login information with certified institutions, used only for risk control defense; partners must maintain confidentiality.
(2) Anonymized Statistics: Share aggregated data (e.g., crash rates) after k-anonymity and differential privacy processing to ensure irreversible identification.
(3) Academic Research: After ethical review, share de-identified data (removing directly identifiable information) with research institutions, limited to public welfare purposes and prohibited for commercial use.
3.4 Information TransferWithout your explicit consent, we will not transfer your personal data. Only when required by law or truly necessary, the recipient must strictly follow this Privacy Policy. If the recipient fails to meet its protection obligations, we will not transfer; under special circumstances, we need to obtain your authorization and consent again.
3.5 Public Display of InformationWe generally do not publicly disclose your personal data unless required by law or with your voluntary consent. When disclosing, steps such as masking will be taken to lower risks, and disclosure will be limited to necessary information (like nickname, processing result) when handling violative accounts according to the principle of minimum necessity.
3.6 Exemptions from Consent under Law(1) According to laws and regulations, we may not need to obtain your consent in the following circumstances:
(2) Involving national security, national defense security;
(3) Involving public security, public health, major public interests;
(4) Directly related to criminal investigation, prosecution, trial, and execution of judgments;
(5) To protect your or another person's vital legitimate rights and interests and it is difficult to obtain consent;
(6) Personal information you have made public yourself;
(7) Information obtained from legally publicly available channels;
(8) Necessary for concluding or performing a contract;
(9) Necessary to ensure the safe and stable operation of the service;
(10) Necessary for legitimate news reporting;
(11) Academic research based on public interest with information already de-identified;
(12) Other circumstances stipulated by laws and regulations.
4. Retention and Safeguarding of Personal Data 4.1 Storage Location and DurationPersonal data collected and generated within the territory of China will be stored on servers located in China. Unless permitted by law or with your additional authorization, we keep your information only as long as necessary for the purposes described in this Policy. After service termination, we will promptly delete or anonymize your information.
4.2 Security MeasuresWe have a dedicated information security team and employ industry-standard encryption technologies (such as SSL transmission encryption, storage encryption), access control and audit mechanisms to prevent data loss, leakage, or tampering. We conduct regular staff training to raise privacy awareness. We have also established a security incident response system and will immediately activate response plans and fulfill legal notification obligations in the event of leaks or damage.
Although we strive to protect your information, no internet transmission is 100% secure. Please safeguard your account and password, use complex passwords and change them periodically. If you notice any abnormal account activity, contact us immediately.
5. Your Rights to Manage Personal Data 5.1 Access, Correction, and DeletionYou can view or update your nickname, profile image, and other information through the in-app profile editing function. You may also contact customer service to request corrections or deletions; we will respond after verifying your identity.
5.2 Public Sharing NoticeInformation you post in public areas (e.g., community, comment sections) may be seen and collected by other users. Please think carefully before sharing any sensitive personal data. We are not responsible for information leakage resulting from your own public disclosures.
5.3 Account DeletionYou may submit a deletion request through "Settings → Account Management → Delete Account" or by sending an email to our customer service email address. We will complete the verification and deletion process within 15 working days. After deletion, we will delete or anonymize your personal data unless otherwise required by law.
5.4 Changing Your Consent ScopeYou can withdraw your consent by managing device permissions or disabling specific functions. Withdrawal does not affect the lawfulness of processing based on consent before the withdrawal.
5.5 Responding to Your RequestsFor security reasons, we may ask you to verify your identity in writing before processing your request. Generally, there is no fee for reasonable requests, but we may charge a cost for excessive or repetitive requests. We may not be able to honor requests that involve national secrets, public security, criminal investigations, trade secrets, or other exempt circumstances.
6. Incorporation of External Party ServicesOur services may contain links to external websites or services, as well as integrated external SDKs (e.g., payment, social login, analytics, ad display). These external services are independently provided and governed by their own privacy policies. We are not responsible for the information handling practices of external parties. When you use the "Share" function to send content to other platforms, the privacy policy of that platform will apply. The main types of external SDKs we currently integrate include: advertising services, payment services, location/device data collection, external authorization login, performance optimization, security risk control, etc. We carefully evaluate the compliance of external SDKs and require them to take adequate protective measures.
7. Protection for Young IndividualsWe attach great importance to the protection of young individuals’ personal data. If you are below the age of 14 (a child), you must obtain explicit written consent from your parent or legal guardian before using this software. If you are a guardian and have any questions regarding the personal data of a young individual under your care, please contact us through the contact information provided in Section 9 of this Policy.
8. Policy Revisions and AnnouncementsWe may update this Policy from time to time due to business changes or legal updates. Any revised version will be notified through prominent means (e.g., in-app announcements, pop-ups). Material changes include but are not limited to: significant changes in service model, ownership structure, purposes or methods of processing personal data. We encourage you to review this Policy periodically to stay informed of the latest updates. If you do not agree with the revised Policy, please stop using the services.
9. How to Get in Touch with UsIf you have any questions, complaints, or suggestions regarding this Privacy Policy or personal data protection, please contact our Data Protection Officer via the following method:
Email: hxh9898@yeah.net